Category: Zero Day

Mar 07

Critical FortiOS and FortiProxy Vulnerability – FG-IR-23-001

By Christopher GLEMOT in CERT, Cybersecurity, Fortinet, Security, Zero Day

Critical FortiOS and FortiProxy Vulnerability – FG-IR-23-001: Fortinet has just announced a critical vulnerability in all versions. A buffer underwrite (‘buffer underflow’) vulnerability in FortiOS & FortiProxy administrative interface may allow a remote unauthenticated attacker to execute arbitrary code on the device and/or perform a DoS on the GUI, via specifically crafted requests. The impact …

Blue Team, CVE-2023-25610, DoS, FG-IR-23-001, Fortinet, Infosec

Feb 04

Important Vulnerability in VMware ESXi

By Christopher GLEMOT in Detection & Response, Ransomware, Security, VMware, Vulnerability Management, Zero Day

There is currently an encryption campaign targeting ESXi servers up to version 7.x via the CVE-2022-31696 vulnerability, which allows access to data on host systems.

CVE-2021-21974, ESX, Infosec, Nevada, Ransomware, Red Team, VMware, Vulnerability

Dec 12

Critical Fortigate VPN SSL Vulnerability – CVE-2022-42475

By Christopher GLEMOT in CERT, Cybersecurity, Fortinet, Security, Zero Day

Updated on Tuesday 13, December – Affected versions. Critical VPN SSL Vulnerability (FortiOS): Fortinet has just announced a critical vulnerability in all versions. Vulnerabilities that can be easily exploited remotely to compromise firewall or where remote code execution is considered likely in common situations. Manipulate the dynamic resources of some processes, the goal is to …

CVE-2022-42475, Fortinet, Infosec, Red Team, VPN SSL, Zero Day

Nov 01

OpenSSL patch (v3.0.7) for Vulnerability 2022

By Christopher GLEMOT in CERT, SOC, Vulnerability Management, Zero Day

The OpenSSL patch (v3.0.7) is now released (OpenSSL patch v3.0.7 for Vulnerability 2022), and you still have time to assess what are the potentially vulnerable products in your environment. Here’s the link to download the fix. OpenSSL security update is out, with fixes for CVE-2022-3786 and CVE-2022-3602. Vulnerabilities were also downgraded from Critical to High …

CVE-2022-3602, CVE-2022-3786, Fix, OpenSSL v3.0.7, Patch, Risk, Update, Vulnerability Management

Oct 27

List of vendors and software affected by the OpenSSL vulnerability

By Christopher GLEMOT in Cybersecurity, Ransomware, Security, Vulnerability Management, Zero Day

On this page we display a list of vendors and their software affected and not affected by the OpenSSL vulnerability in version 3.X. This page is being updated as soon as we issue the corresponding security bulletin and according of the feedback of the vendors.

Affected, CVE, List vendors, OpenSSl, v3, Vulnerability

Christopher Glémot @c_glemot ·

8 Mar

🔶 @Veeam has published a high #vulnerability in VBR (CVE-2023-27532). Affected component is the Veeam Backup Service. For more information: 👉 https://original-network.com/high-veeam-backup-replication-vulnerability-cve-2023-27532/#more-5517

#infosec #blueteam #security #VeeamVanguard

Reply on Twitter 1633279753615552514 Retweet on Twitter 1633279753615552514 6 Like on Twitter 1633279753615552514 7 Twitter 1633279753615552514

Christopher Glémot @c_glemot ·

8 Mar

🛑@Fortinet has published a critical #vulnerability (CVE-2023-25610 - FG-IR-23-001) that may allow a remote unauthenticated attacker to execute arbitrary code & perform a DoS on the GUI 👉 https://original-network.com/critical-fortigate-vulnerability-fg-ir-23-001/ #infosec #blueteam #security #fortinet

Reply on Twitter 1633261365560242178 Retweet on Twitter 1633261365560242178 8 Like on Twitter 1633261365560242178 7 Twitter 1633261365560242178

Category: Zero Day

Critical FortiOS and FortiProxy Vulnerability – FG-IR-23-001

Important Vulnerability in VMware ESXi

Critical Fortigate VPN SSL Vulnerability – CVE-2022-42475

OpenSSL patch (v3.0.7) for Vulnerability 2022

Follow me

Subscribe to Blog via Email

SPONSORS

About me

Top Posts

Enjoy this blog? Please spread the word :)

Category: Zero Day

Critical FortiOS and FortiProxy Vulnerability – FG-IR-23-001

Share this:

Important Vulnerability in VMware ESXi

Share this:

Critical Fortigate VPN SSL Vulnerability – CVE-2022-42475

Share this:

OpenSSL patch (v3.0.7) for Vulnerability 2022

Share this:

List of vendors and software affected by the OpenSSL vulnerability

Share this:

Follow me

Subscribe to Blog via Email

SPONSORS

About me

Top Posts

Enjoy this blog? Please spread the word :)